<?php
    include_once('../classes/class.mssql.php');
    include_once('../classes/class.login.php');

    session_start();
    
    $login = new Login();
    
    if (!isset($_POST['device']))
    {
	if ($login->isLoggedIn() || $login->sessionExist() || $login->isCookieSet())
	{
	    $db = new MSSQL();
            $comtec_id_user=$login->giveId();
	    $tsql = "SELECT access_level,comtec_id_mainteiner FROM [dbo].[users] WHERE comtec_id_user = $comtec_id_user";
	    $stmt = $db->query($tsql);
	    $r = $db->fetch_array($stmt);
            $_SESSION['comtec_id_mainteiner'] = $r['comtec_id_mainteiner'];
	    switch ($r['access_level'])
	    {
		
                case 0:
                    //TODO Acceso comtec al sistema RF MANTENCION
                    $_SESSION['context'] = 'admin';
                    break;
                case 1:
                    $_SESSION['users'] = 'managers';
                    $_SESSION['context'] = 'company';
		    header('location: http://'.$_SERVER['HTTP_HOST'].'/company/panel.php?id='.$login->giveId());
		    break;
		
		case 2:
                    $_SESSION['users'] = 'administratives-1';
		    $_SESSION['context'] = 'company';
                    header('location: http://'.$_SERVER['HTTP_HOST'].'/company/panel.php?id='.$login->giveId());
		    break;
		
		case 3:
                    $_SESSION['users'] = 'administratives-2';
		    $_SESSION['context'] = 'company';
                    header('location: http://'.$_SERVER['HTTP_HOST'].'/company/panel.php?id='.$login->giveId());
		    break;
		
		case 4:
		    $_SESSION['users'] = 'technicians';
                    $_SESSION['context'] = 'company';
                    header('location: http://'.$_SERVER['HTTP_HOST'].'/company/panel.php?id='.$login->giveId());
		    break;
		
		case 5:
                    $_SESSION['users'] = 'clients';
		    $_SESSION['context'] = 'client';
                    header('location: http://'.$_SERVER['HTTP_HOST'].'/clients/panel.php?id='.$login->giveId());
		    break;
	    }
	}
	else
	{
	    echo "<script>alert('Ingreso no valido');</script>";
	    echo "<script>javascript:history.go(-1);</script>";
	}
    }elseif(isset($_POST['login'])){
     if ($login->isLoggedIn() || $login->sessionExist() || $login->isCookieSet())
     {
      $db = new MSSQL();
      $comtec_id_user=$login->giveId();
      $tsql = "SELECT access_level,comtec_id_mainteiner FROM [dbo].[users] WHERE comtec_id_user = $comtec_id_user";
      $stmt = $db->query($tsql);
      $r = $db->fetch_array($stmt);
      $_SESSION['comtec_id_mainteiner'] = $r['comtec_id_mainteiner'];
      if($r['access_level'] == 4){
       $_SESSION['users'] = 'technicians';
       $_SESSION['context'] = 'company';
       header('location: http://'.$_SERVER['HTTP_HOST'].'/rfmobile/panel.php?id='.$login->giveId()); 
      }else{
            echo "<script>alert('Por el momento solo pueden ingresar usuarios tipo técnico');</script>";
            session_destroy();
            setcookie("session_id","",time()-60*60*24*30,"/");
            header('location: http://'.$_SERVER['HTTP_HOST'].'/rfmobile/');
           }     
     }else
	{
	 echo "<script>alert('Ingreso no valido');</script>";
	 header('location: http://'.$_SERVER['HTTP_HOST'].'/rfmobile/');
	}
    }
?>
